CVE-2022-43515
X-Forwarded-For header, active by default, allows access to Zabbix sites in maintenance mode
- Severity Score (CVSS v3.1): 9.8
- Exploit Likelihood (EPSS):
- Affected Versions (CPE):
- Public Exploits (Multiple Sources): 1
- Exploited in Wild (KEV): -
- Decision (SSVC): -
Descriptions
Zabbix Frontend provides a feature that allows admins to put the installation into maintenance mode and ensure that only certain IP addresses can access it. In this way, no other user can reach the Zabbix Frontend while it is being maintained, and possibly sensitive data is prevented from being disclosed. An attacker can bypass this protection and access the instance from an IP address not listed in the defined range.
Credits: osman1337
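The root cause described above, shown as an added example that is not Zabbix's own code: a maintenance-mode allow-list check that believes X-Forwarded-For from any peer is satisfied by a forged header, while honouring the header only when the direct peer is a known reverse proxy closes the gap. The proxy address and the allowed network are constructed placeholders.

```python
import ipaddress

# Constructed placeholders: the address of our own reverse proxy and the
# range an administrator allowed while the frontend is in maintenance mode.
TRUSTED_PROXIES = {"10.0.0.5"}
MAINTENANCE_ALLOW = [ipaddress.ip_network("192.0.2.0/24")]


def client_ip_naive(headers, peer_ip):
    """Vulnerable pattern: trust X-Forwarded-For no matter who sent it."""
    xff = headers.get("X-Forwarded-For")
    if xff:
        return xff.split(",")[0].strip()
    return peer_ip


def client_ip_hardened(headers, peer_ip, trusted_proxies=TRUSTED_PROXIES):
    """Honour the header only when the TCP peer is one of our proxies, then
    walk the hop chain from the right and return the first address that is
    not a proxy we control (earlier entries may have been supplied by the
    client and are not trustworthy)."""
    if peer_ip not in trusted_proxies:
        return peer_ip
    hops = [h.strip() for h in headers.get("X-Forwarded-For", "").split(",")]
    for hop in reversed([h for h in hops if h]):
        if hop not in trusted_proxies:
            return hop
    return peer_ip  # chain contained only our proxies; fall back to the peer


def maintenance_allows(ip, allow=MAINTENANCE_ALLOW):
    """True when the resolved client address lies inside the allow-list."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:  # garbage in the header is never allowed through
        return False
    return any(addr in net for net in allow)


def demo():
    # Constructed request: a direct connection from an address outside the
    # allow-list that carries a header naming an allowed address.
    forged = {"X-Forwarded-For": "192.0.2.10"}
    peer = "203.0.113.7"
    return {
        "naive": maintenance_allows(client_ip_naive(forged, peer)),        # True
        "hardened": maintenance_allows(client_ip_hardened(forged, peer)),  # False
    }
```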
CVSS Scores
- Attack Vector
- Attack Complexity
- Privileges Required
- User Interaction
- Scope
- Confidentiality
- Integrity
- Availability
* Common Vulnerability Scoring System
SSVC
- Decision: -
- Exploitation
- Automatable
- Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-10-19 CVE Reserved
- 2022-12-05 CVE Published
- 2024-06-27 EPSS Updated
- 2024-09-16 CVE Updated
- 2024-09-16 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
- CWE-863: Incorrect Authorization
CAPEC
References (2)
URL | Tag | Date | Source
---|---|---|---
https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html | Mailing List | |
https://support.zabbix.com/browse/ZBX-22050 | | 2024-09-16 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Zabbix | Frontend | >= 4.0.0 <= 4.0.44 | - | Affected
Zabbix | Frontend | >= 5.0.0 <= 5.0.29 | - | Affected
Zabbix | Frontend | >= 6.0.0 <= 6.0.9 | - | Affected
Zabbix | Frontend | >= 6.2.0 <= 6.2.4 | - | Affected
Zabbix | Frontend | 5.0.30 | rc1 | Affected
Zabbix | Frontend | 6.0.11 | rc1 | Affected
Zabbix | Frontend | 6.2.5 | rc1 | Affected